Lucene search
RedHatRHSA-2022:0722HistoryMar 01, 2022 - 2:04 p.m.
(RHSA-2022:0722) Moderate: rh-maven36-httpcomponents-client security update
2022-03-0114:04:58
access.redhat.com
30
0.002 Low
EPSS
Percentile
53.1%
HttpClient is a HTTP/1.1 compliant HTTP agent implementation based on httpcomponents HttpCore. It also provides reusable components for client-side authentication, HTTP state management, and HTTP connection management.
Security Fix(es):
- apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | noarch | rh-maven36-httpcomponents-client | < 4.5.9-1.3.el7 | rh-maven36-httpcomponents-client-4.5.9-1.3.el7.noarch.rpm |
| RedHat | 7 | noarch | rh-maven36-httpcomponents-client-javadoc | < 4.5.9-1.3.el7 | rh-maven36-httpcomponents-client-javadoc-4.5.9-1.3.el7.noarch.rpm |
Related
nessus
nessus
Debian DSA-4772-1 : httpcomponents-client - security update
2020-10-15 00:00:00
Oracle Linux 8 : maven:3.6 (ELSA-2022-1860)
2022-05-18 00:00:00
CentOS 8 : maven:3.5 (CESA-2022:1861)
2022-05-10 00:00:00
osv
osv
Moderate: maven:3.5 security update
2022-05-10 08:04:48
Cross-site scripting in Apache HttpClient
2021-06-03 23:40:23
httpcomponents-client - security update
2020-10-10 00:00:00
ibm
ibm
rocky
rocky
maven:3.6 security and enhancement update
2022-05-10 08:04:46
maven:3.5 security update
2022-05-10 08:04:48
oraclelinux
oraclelinux
maven:3.6 security and enhancement update
2022-05-17 00:00:00
maven:3.5 security update
2022-05-17 00:00:00
almalinux
almalinux
Moderate: maven:3.5 security update
2022-05-10 08:04:48
Moderate: maven:3.6 security and enhancement update
2022-05-10 08:04:46
github
github
Vulnerable dependency in XTDB connector
2021-12-16 18:53:32
Cross-site scripting in Apache HttpClient
2021-06-03 23:40:23
debian
debian
[SECURITY] [DSA 4772-1] httpcomponents-client security update
2020-10-14 20:21:34
[SECURITY] [DLA 2405-1] httpcomponents-client security update
2020-10-10 17:12:02
ubuntucve
ubuntucve
CVE-2020-13956
2020-12-02 00:00:00
redhat
redhat
(RHSA-2022:1861) Moderate: maven:3.5 security update
2022-05-10 08:04:48
(RHSA-2021:0084) Moderate: Red Hat build of Quarkus 1.7.6 release and security update
2021-01-12 16:39:29
(RHSA-2022:1860) Moderate: maven:3.6 security and enhancement update
2022-05-10 08:04:46
amazon
amazon
Medium: httpcomponents-client
2023-02-17 00:11:00
cgr
cgr
CVE-2020-13956 vulnerabilities
2024-05-19 03:07:16
cvelist
cvelist
CVE-2020-13956
2020-12-02 16:20:12
ubuntu
ubuntu
HttpClient vulnerability
2022-08-08 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2405-1)
2020-10-11 00:00:00
Mageia: Security Advisory (MGASA-2021-0314)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-5239-1)
2023-01-27 00:00:00
nvd
nvd
CVE-2020-13956
2020-12-02 17:15:14
mageia
mageia
Updated httpcomponents-client packages fix a security vulnerability
2021-07-07 02:12:30
prion
prion
Cross site request forgery (csrf)
2020-12-02 17:15:00
debiancve
debiancve
CVE-2020-13956
2020-12-02 17:15:14
veracode
veracode
Validation Bypass
2020-10-12 04:02:04
redhatcve
redhatcve
CVE-2020-13956
2020-10-08 20:22:11
cve
cve
CVE-2020-13956
2020-12-02 17:15:14
wolfi
wolfi
CVE-2020-13956 vulnerabilities
2024-06-26 15:33:03
freebsd
freebsd
Apache Maven -- multiple vulnerabilities
2021-04-04 00:00:00
atlassian
atlassian
oracle
oracle
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00